Funny passwords!

As a system admin you need to be on the lookout for people who make these. “[T]here were 1,862 data breaches in 2021 — a 68% increase over breaches in 2020. And, new year-over-year results indicate a fast start to data breaches in 2022, as more than 90% of data breaches are cyberattack-related.”
https://www.securitymagazine.com/articles/97518-the-20-most-common-passwords-leaked-on-the-dark-web

Pandemic depression, self-harm and suicide jumps

It’s easy to blame the pandemic for everything, but there was a 45% increase in self-injury and suicide cases among 5- to 17-year-olds in the first half of 2021. We can blame social media, and we’d be right to, but it’s not all due to that either.

Now I don’t have children, but my interactions with friends’ kids and my nephews have made me realize that there is intense need for understanding and importance in our youth at those ages. Then in college, young adults are trying to grasp their meaning and place in the world through a career. Both of these times are critical in self-development, but the last thing they needed was a pandemic shutdown (imho).

https://www.morningbrew.com/daily/stories/2022/04/24/the-teen-mental-health-crisis-mystery

Mailchimp: the hack, the user education?

Took some time with 300 accounts being compromised and getting personal information through them. Used social engineering and hit client Trezor. Here is a corporate policy that recommends exactly what they are hit with.

Took some planning:

“The phishing application is a cloned version of Trezor Suite with very realistic functionality, and also included a web version of the app,” the crypto wallet company wrote in a blog post.

As usual, some irony dripping off this one when compared to the recommendations on their site help:

“You received an unexpected email from Mailchimp staff or service teams. This may include forgot username emails or password reset emails you didn’t request…For an extra layer of security, we encourage you to set up two-factor authentication with SMS or a two-factor authentication app”

https://mailchimp.com/help/i-think-my-account-has-been-compromised/

Bermuda Citizen Number One

Larger than life.

At the Royal Bermuda Yacht club, Charles lifted his whisky again and let loose some blue language. Then with that twinkle in his eye flirted with my mother. He had just returned from the Arctic sailing trip with Warren “War Baby” Brown and was once again the center of attention in Hamilton.

Cyber recommendations for wartime

Saw these recommendations for cyber today. Organizations should be vigilant about the evergreen practices: train employees about phishing and social engineering, give users only the permissions they need, scan for vulns, and lock down ports you don’t use. But it adds: clean up old accounts (a practice for admins) and resist trying out new security measures.

Four key cybersecurity practices during geopolitical upheaval | Malwarebytes Labs

CISA has also put out some recommendations: Shields Up | CISA

Two Realities

Been reading John Bolton’s The Room Where It Happened. I thought that Trump was reined in by the “adults in the room.” While that sometimes happened, those very same people failed in doing so in the long run.

The other reality? My relative just listened to another Trump rally today.

I don’t understand what the man is rallying for. Like my friend Gijo notes, neither Reagan nor the Bushes threw rallies after they left office. I also remember first following politics in 1992. Bob Dole, while being unfortunately noncharismatic, was understandable and coherent. He didn’t fly off the handle, at least publicly. Trump brought vitriol and instability as he coped with a job he was unsuited for.

Is he planning a 2024 run? It seems so. There has to be a sane alternative.